Lucene search
K

310 matches found

Fedora
Fedora
added 2024/01/27 2:12 a.m.29 views

[SECURITY] Fedora 38 Update: vorbis-tools-1.4.2-9.fc38

Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The vorbis package contains an encoder, a decoder, a playback tool, and a comment editor...

7.8CVSS7.3AI score0.00448EPSS
Exploits1
Rapid7 Blog
Rapid7 Blog
added 2023/12/28 4:0 p.m.29 views

Mastering Industrial Cybersecurity: The Significance of Combining Vulnerability Management with Detection and Response

Written by Elad Ben-Meir, CEO SCADAfence, a Honeywell company. In today's digital era, where industries are increasingly reliant on advanced technologies, safeguarding critical infrastructure against cyber threats has become paramount. The convergence of operational technology OT and information...

7.1AI score
Exploits0
Redos
Redos
added 2023/09/20 12:0 a.m.44 views

ROS-20230919-02

Vulnerability of FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and Thunderbird e-mail client Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of...

8.8CVSS7.5AI score0.00756EPSS
Exploits0
Schneier on Security
Schneier on Security
added 2023/07/26 11:5 a.m.191 views

Backdoor in TETRA Police Radios

Seems that there is a deliberate backdoor in the twenty-year-old TErrestrial Trunked RAdio TETRA standard used by police forces around the world. The European Telecommunications Standards Institute ETSI, an organization that standardizes technologies across the industry, first created TETRA in...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/14 2:41 p.m.88 views

Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services

Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system DCS and QuickBlox, that, if successfully exploited, could result in severe compromise of affected systems. Dubbed Crit.IX, the nine flaws in the Honeywell Experion D...

9.8CVSS9.2AI score0.13833EPSS
Exploits5
NVD
NVD
added 2023/05/22 11:15 p.m.39 views

CVE-2022-47311

A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successfu...

8.8CVSS8.9AI score0.00517EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/22 10:12 p.m.36 views

CVE-2022-47311 CVE-2022-47311

A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successfu...

8.5CVSS9.1AI score0.00517EPSS
Exploits0References2
CVE
CVE
added 2023/05/22 10:12 p.m.55 views

CVE-2022-47311

Summary of CVE-2022-47311 (Dataprobe iBoot-PDU): A proprietary iBoot protocol uses control/keepalive commands and authenticates via a username/password stored in the device. If the user does not exist, the device sends a value for username/password, enabling successful authentication for a connec...

8.8CVSS8.9AI score0.00517EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/22 12:0 a.m.5 views

PT-2023-15237 · Iboot · Iboot

Name of the Vulnerable Software and Affected Versions: iBoot devices affected versions not specified Description: A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the...

8.8CVSS8.7AI score0.00517EPSS
Exploits0References5
HackRead
HackRead
added 2023/03/27 7:41 p.m.16 views

Portion of Twitter’s proprietary source code leaked on GitHub

By Deeba Ahmed Twitter had to file a DMCA request after its source code was found on GitHub. This is a post from HackRead.com Read the original post: Portion of Twitters proprietary source code leaked on GitHub...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/16 1:39 p.m.40 views

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems. That's according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aime...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/02 1:40 p.m.3 views

Hackers Exploit Containerized Environments to Steal Proprietary Data and Software

A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. "The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/03/01 10:19 a.m.28 views

Highly Sophisticated SCARLETEEL Cloud Attack That Stole Proprietary Data

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The SCARLETEEL attack was a highly sophisticated cloud operation that involved the theft of proprietary data by exploiting a compromised Kubernetes container,...

1.7AI score
Exploits0
hivepro
hivepro
added 2023/01/23 3:34 a.m.109 views

New BOLDMOVE Backdoor uses FortiOS vulnerability for initial access

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A suspected China-nexus campaign has exploited a vulnerability in Fortinets FortiOS SSL-VPN, known as CVE-2022-42475. The exploitation was believed to have occurred as early as October 2022 and the targe...

2.7AI score0.99474EPSS
Exploits11
The Hacker News
The Hacker News
added 2022/12/23 4:7 a.m.35 views

LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen

The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2022/12/12 12:0 a.m.255 views

Trojan-Dropper.Win32.Decay.dxv (CyberGate 1.00.0) MVID-2022-0664 Insecure Proprietary Password Encryption

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/618f28253d1268132a9f10819a6947f2.txt Contact: [email protected] Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Trojan-Dropper.Win32.Decay.dxv CyberGate v1.00.0...

0.5AI score
Exploits0
NVD
NVD
added 2022/10/14 4:15 p.m.27 views

CVE-2022-38980

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions...

9.8CVSS0.0051EPSS
Exploits0References1
Prion
Prion
added 2022/10/14 4:15 p.m.18 views

Heap overflow

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions...

7.5CVSS9.3AI score0.0051EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/14 12:0 a.m.27 views

CVE-2022-38980

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions...

9.6AI score0.0051EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/14 12:0 a.m.5 views

PT-2022-24636 · Hwairlink · Hwairlink

Name of the Vulnerable Software and Affected Versions: HwAirlink module affected versions not specified Description: The issue is related to a heap overflow vulnerability in the HwAirlink module when processing data packets of a proprietary protocol. This vulnerability may allow attackers to obta...

9.8CVSS9.2AI score0.0051EPSS
Exploits0References3
Rows per page
Query Builder